A Network Intrusion Detection System Using Ensemble Machine Learning

Abstract

The type and number of cyber-attacks on data networks have been increasing. As networks grow, the importance of Network Intrusion Detection Systems (NIDS) in monitoring cyber threats has also increased. One of the challenges in NIDS is the high number of alerts the systems generate, and the overwhelming effect that alerts have on security operations. To process alerts efficiently, NIDS can be designed to include Machine Learning (ML) capabilities. In the literature, various NIDS architectures that use ML approaches have been proposed. However, high false alarm rates continue to be challenges to most NID systems. In this paper, we present a NIDS that uses ensemble ML in order to improve the performance of attack detection and to decrease the rate of false alarms. To this end, we combine four ensemble ML classifiers - (Random Forest, AdaBoost, XGBoost and Gradient boosting decision tree) using a soft voting scheme.